[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: strange log entry

On Thu, May 24, 2001 at 04:06:08AM -0800, Ethan Benson wrote:
> On Thu, May 24, 2001 at 04:50:57AM -0700, Jacob Meuser wrote:
> > >
> > BS, when was the last time you installed OpenBSD?  I just did an install
> 2.5
That was what, 2 years ago?
> > today.  I guarantee portmap, ruserd, and rstatd are enabled by default,
> > as the installer doesn't even ask what you want to activate, and these
> > programs are part of the base tarball. 
> in 2.5 ftpd, portmap, smtp, and identd were open, i am pretty sure
> rstatd was not.  2.6 i think disabled ftpd by default, shortly
> thereafter a root hole was found in openbsd's ftpd and they prompty
> said `ftpd is not enabled in the default install of 2.6 (or whatever)
> and thus there is no root hole in our default install'  
Ah, they probably caught the problem shortly before 2.6 release,
and didn't have time to fix ftp code, but changing rc.conf was doable.
Anyway, as of 2.9, portmap, rstatd, ruserd, time, daytime, comsat,
sshd and identd are enabled by default.  
Like I said, I didn't want to start a discussion about OpenBSD vs Linux,
I have seen posts from you saying that you like some features of OpenBSD,
/sbin/nologin for example.

I'm just curious why the 'r' tools are apparently so vulnerable in 
Linux.  If the OpenBSD folks are willing to risk creditability by 
claiming that their default install has no remote holes, while
enabling portmap and rstatd by default, why can't Linux users feel 
safe running those daemons also?


Reply to: